-
Recent Posts
Categories
- .NET Security (95)
- ASP.NET (163)
- ASP.NET Core (27)
- AuthorizationServer (33)
- Azure (29)
- Conferences & Training (40)
- IdentityModel (347)
- IdentityServer (205)
- Katana (46)
- OAuth (163)
- OpenID Connect (94)
- OWIN (45)
- Photography (14)
- PolicyServer (3)
- Resources (1)
- Uncategorized (627)
- WCF (109)
- WebAPI (223)
Tweets
Tweets by leastprivilegeFeed
Archives
- February 2026
- October 2024
- May 2021
- October 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- September 2019
- August 2019
- July 2019
- June 2019
- April 2019
- February 2019
- January 2019
- December 2018
- July 2018
- June 2018
- May 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- August 2017
- July 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- February 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- August 2005
- July 2005
- June 2005
- May 2005
- April 2005
- March 2005
- February 2005
- January 2005
- December 2004
- November 2004
- October 2004
- September 2004
- August 2004
- July 2004
- June 2004
- May 2004
Category Archives: IdentityServer
Troubleshooting IdentityServer
I often get questions similar to: “We are trying to do X – but we only see ‘Sorry, an error occurred while processing your request.’ in the browser. What am I missing” Well – that means an error has occurred..and … Continue reading
Posted in IdentityServer
Leave a comment
IdentityServer: Preview of the OpenID Connect Basic Client Profile
The mid term plan is that OpenID Connect will replace the plain OAuth2 endpoints in IdentityServer. As a first step, I just checked in a preview of the OIDC basic client profile support (see this doc). The preview consists of … Continue reading
Posted in ASP.NET, IdentityServer, WebAPI
4 Comments
IdentityServer: Using WS-Federation with JWT Tokens (and symmetric Signatures)
In this post I described how to use IdentityServer to do WS-Federation with JWT tokens. In that post I used the default IdSrv signing certificate to sign the outgoing JWT tokens. There are scenarios where you don’t have certificates but … Continue reading
Posted in ASP.NET, IdentityServer, WebAPI
7 Comments
Using IdentityServer to issue tokens for Windows Server ServiceBus
Windows Server ServiceBus supports SWT tokens to authorize actions on a SB namespace or entity (e.g. listen, send or manage). In the Azure version of ServiceBus you would use the Azure Access Control Service to issue such tokens. In the … Continue reading
Posted in Azure, IdentityModel, IdentityServer
8 Comments
Bringing SWT Support back to Thinktecture IdentityModel
When Microsoft released the JWT library, I thought that’s a good opportunity to remove the SWT support from IdentityModel. But it turns out, there are still scenarios for SWT – so I refreshed my old code and added the SWT … Continue reading
Posted in IdentityModel, IdentityServer
1 Comment
Thinktecture AuthorizationServer v0.5 released
I just uploaded a “feature complete” version of AuthorizationServer to Github. This version has all the features we are planning for v1 – please give us feedback when you think things should work differently or when you find a bug. … Continue reading
Posted in AuthorizationServer, IdentityModel, IdentityServer, OAuth, WebAPI
Leave a comment
IdentityServer: Using WS-Federation with JWT Tokens
WS-Federation is token agnostic – that means you can also use JWT tokens instead of the default SAML ones. Why would you want to do that? Well – JWT’s a slightly more compact which I think is irrelevant for WS-Federation … Continue reading
Posted in ASP.NET, IdentityModel, IdentityServer
8 Comments
New IdentityServer Feature: Accept encrypted SAML tokens via WS-Federation/HRD
This was long pending and some people asked for it. You can now configure a decryption certificate in the admin area and use that to decrypt incoming SAML tokens via WS-Federation: So far I have only tested with my ADFS … Continue reading
Posted in IdentityServer
Leave a comment
NDC Oslo 2013 Slides and Videos
The NDC videos are online now! Web API Security (includes first public demo ever of AuthorizationServer)Video: https://vimeo.com/68327244Slides: https://speakerdeck.com/leastprivilege/securing-asp-dot-net-web-api-ndc-oslo-2013 OAuth2 – The good, the bad and the uglyVideo: https://vimeo.com/68331687Slides: https://speakerdeck.com/leastprivilege/oauth2-the-good-the-bad-and-the-ugly-ndc-oslo-2013 Enjoy!
Adding Windows Azure AD (GA) as an Identity Provider in IdentityServer
Things have slightly changed between releases of WAAD, so I thought I quickly document the steps how to add the GA version of WAAD as an identity provider to IdentityServer. If we would support parsing WS-Federation metadata, this could be … Continue reading
Posted in IdentityServer
7 Comments
leastprivilege.com 